ntdll-unhooking topic

List ntdll-unhooking repositories

Fuck-Etw

92
Stars
12
Forks
Watchers

Bypass the Event Trace Windows(ETW) and unhook ntdll.

verified publisher icon unkvolism

ReflectiveNtdll

163
Stars
23
Forks
Watchers

A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (using pe2shc by @hasherezade). Payload encryption via SystemFuc...

verified publisher icon reveng007

inline-syscall

172
Stars
30
Forks
Watchers

Inline syscalls made for MSVC supporting x64 and WOW64

verified publisher icon nbs32k

NativeDump

687
Stars
97
Forks
687
Watchers

Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)

verified publisher icon ricardojoserf

TrickDump

524
Stars
57
Forks
524
Watchers

Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!

verified publisher icon ricardojoserf